Closed Bug 336698 Opened 18 years ago Closed 18 years ago

Under Windows Vista, Firefox Crashes when trying to update and not running as administrator

Categories

(Toolkit :: Application Update, defect)

Product:
Toolkit
Component:
Application Update
Platform:
x86
Windows Vista
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: nidonocu, Unassigned)

References

Details

(Keywords: crash) 

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3

Due to the new User Account Protection (UAP) in Windows Vista, Firefox crashes or jams and fails to update when trying to update its self using the Auto-update system.
In this case, it was an upgrade from version 1.5.0.2 to .3.
This is I’m sure one of several issues that may have to be dealt with soon to ensure safe running under Windows Vista.


Reproducible: Always

Steps to Reproduce:
1. Ensure UAP under Windows Vista is enabled (the default setting).
2. Install version 1.5.0.2 of Firefox. At the start of the installation, you will be prompted to elevate the setup program's access rights as part of UAP.
3. Start Firefox at the end of setup and after importing, etc, when the main window is displayed, close Firefox and restart it to ensure it is running with only standard user credentials.
4. Open the Help menu and watch the update indicator (showing it is updating to 1.5.0.3). Wait a few minutes and then check the menu again, it will show it has stopped trying. Clicking the option now will open the update progress screen and saying it has ‘paused’ but the resume button is disabled. (Update is jammed)
5. Close and restart firefox, as soon as it opens, click the help menu and click the check for updates menu item.
6. The dialog will say a new update is available and prompt you to download it. Choose to do so and quickly after this, Firefox will hang and lock up. (Crash)


Actual Results:  
As indicated in the steps to reproduce, depending on the method used to get updates, Firefox either fails to update (or warn the user that it can’t) or crashes if the user is watching the update dialog at the time.

Expected Results:  
As recommended by the Windows Vista guidelines, Firefox should warn users and request elevation when it performs an action that will make a system wide change and write to the Program Files folder. In this case, as the browser is still running while the download is in progress, elevation should NOT occur until Firefox is ready to restart and install the update as this could present a security risk.
Firefox should download the temporary installation files to a user safe location (such as the user profile folder). It should then when the user clicks restart, close Firefox and open the Software Update program. The Update program should then request elevation from the operating system and trigger the UAP warning from Vista. If it is accepted then the update is installed and Firefox is restarted -without- administrator privileges (this is important as an application with admin rights by default starts its sub-processes with admin rights if I remember correctly). If rejected, the update is aborted and the user alerted.


One workaround does exist and that is choosing to run Firefox as an administrator from its shortcut menu. Doing so however obvious presents a larger security risk. This does however cause both Firefox and the update program to behave correctly. (The update program inherits Firefox’s admin rights as it is started by Firefox.)
Keywords: crash
OS: Windows XP → Windows Vista
Whiteboard: DUPEME
Just updated from Firefox 2 b1 to Firefox 2 b2. 

The update failed initially, but Firefox did not crash. The creation of the xml file in the firefox directory failed but this was not reported to the user. There was no indication that the update had failed (or that it succeeded for that matter) aside from the fact that the version number did not change.

The update was successful if the program was run by right clicking and executing as an administrator.

Is there any way to cause firefox to launch the UAP dialog in the same way that Windows does? Hopefully this is one of the things that MS will talk to the mozilla devs about, or it should be documented in the API's.
To fix this, all the update logic needs to be moved to the updater application.

Once Firefox has detected the update, it should display a request to go ahead and download install complete with a elevation shield on the 'Update' button.

When the user clicks it, Firefox should open the Updater program which should include a manifest that only allows an administrator to run it. That application would then cause the elevation prompt to appear. When the user has granted permission and the application has opened, it should then instruct Firefox to exit and then go ahead and perform the download and install.

After the update is complete, it needs to either close without reopening Firefox or relaunch Firefox indirectly as any process normally started by a administrative program will inherrit those administrative rights (which is not good for a browser).
reporter: if there's an execution shield on updater and i install firefox into my \documents and settings\username\ directory instead of into \program files, will the updater demand unnecessary administrative permissions? and if so, is it possible to avoid that?
(In reply to comment #3)
> reporter: if there's an execution shield on updater and i install firefox into
> my \documents and settings\username\ directory instead of into \program files,
> will the updater demand unnecessary administrative permissions? and if so, is
> it possible to avoid that?

Hmm.. you have a point there that my fix would require permissions to upgrade even though they were no longer technically required because the program was installed to a location the user had full rights to. Soo.. alternative:

Everything is the same as per my previous suggestion with the following changes:
*Firefox checks to see if its installed in a location which is read-only to non-administrators. If yes, its displays the shild button, if no then it displays the button without sheild.
*The updater program also performs a check when it is launched, rather than having an administator only manifest. If it detects FF being in a read-write folder, it goes ahead as previously. If it detects that admin rights are required then it launches the prompt for credientals or permission.
Blocks: 352420
This is not what happens with me.  I was able to update while a non-admin.  During the update I saw a Vista confirmation dialog.  I have not see any crashes.

I am using Vista RC1 and the upgrade was from 1.5.0.5 to 1.5.0.6
Status: UNCONFIRMED → NEW
Ever confirmed: true
Seems then this has been fixed in the latest update. I guess I'll mark this as fixed though the other issues brought up in the discussion may need to be looked in to in future.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Resolution: FIXED → WORKSFORME
Product: Firefox → Toolkit
Whiteboard: DUPEME
You need to log in before you can comment on or make changes to this bug.